Fork of MiniTLS-GPL by
minitls.h
/*
MiniTLS - A super trimmed down TLS/SSL Library for embedded devices
Author: Donatien Garnier
Copyright (C) 2013-2014 AppNearMe Ltd

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/
/**
 * \file minitls.h
 * \copyright Copyright (c) AppNearMe Ltd 2013
 * \author Donatien Garnier
 *
 * Top-level public header of MiniTLS: declares the pinned-certificate
 * descriptor, the library context, and the two context setup functions.
 */

#ifndef MINITLS_H_
#define MINITLS_H_

/*
References:
http://tools.ietf.org/html/rfc5246          -- TLS 1.2
http://tools.ietf.org/html/rfc4492          -- ECC cipher suites for TLS
http://tools.ietf.org/html/rfc4366#page-11  -- TLS extensions: limit record length
http://security.stackexchange.com/questions/3204/computationally-simple-lightweight-replacement-for-ssl-tls
*/

#ifdef __cplusplus
extern "C" {
#endif

//Implementation of the TLS1.2 protocol with TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA cipher suite
//NOTE(review): this is a CBC + HMAC-SHA1 suite; the padding and MAC checks in the record
//layer need to be constant-time -- not visible from this header, confirm in the record code.
//NOTE(review): crypto_rsa.h is included and an RSA key member exists below, but no RSA
//suite is named here -- confirm which suites are actually negotiated.

#include "core/fwk.h"
#include "inc/minitls_config.h"
#include "inc/minitls_errors.h"

#include "crypto/crypto_ecc.h"
#include "crypto/crypto_rsa.h"
#include "crypto/crypto_prng.h"

/**
 * Descriptor of a server certificate that is known in advance (pinned).
 *
 * If we know the server's certificate, we just have to do a memcmp to "verify" it:
 * the certificate presented by the server is compared against the bytes referenced here.
 *
 * NOTE(review): nothing in this header indicates chain validation, validity-period or
 * host-name checks; trust rests entirely on how these bytes were provisioned. Confirm in
 * the handshake code that the length is compared before the memcmp and that a mismatch
 * aborts the handshake.
 */
typedef struct __tls_x509_certificate
{
  const uint8_t* certificate; //Pinned certificate bytes (presumably DER as sent on the wire -- TODO confirm)
  size_t certificate_size; //Size of the buffer above (presumably in bytes -- confirm)

  //These fields can either be decoded from the certificate (using ASN module -- TODO) or prepopulated

  //Decoded -- or prepopulated
  //crypto_ecc_curve_type_t ecc_curve;
  //Server public key; which members exist depends on the CRYPTO_ECC / CRYPTO_RSA build switches.
  //NOTE(review): this struct carries no tag saying which member is valid, and with both
  //switches off the union is empty (not valid ISO C, a compiler extension) -- confirm the
  //supported configurations.
  union
  {
#if CRYPTO_ECC
    crypto_ecc_public_key_t ecc;
#endif
#if CRYPTO_RSA
    crypto_rsa_public_key_t rsa;
#endif
  } public_key;

  //Not stored yet:
  //public_key_type (ECDH-capable)
  //signature_algorithm (ECDSA-SHA1) -- the certificate body is hashed with SHA1 and that
  //digest is signed with the issuer's private key (a signature, not an encryption)
} tls_x509_certificate_t;


/**
 * Library context shared by the TLS connections.
 */
typedef struct __minitls
{
  //Random number generator handed to minitls_init().
  //NOTE(review): the strength of nonces and ephemeral keys depends on this PRNG being
  //seeded from a real entropy source before first use -- confirm at the call sites.
  crypto_prng_t* prng;
  const tls_x509_certificate_t* certificate; //Certificate is global to all connections
} minitls_t;


/**
 * Initialise a MiniTLS context.
 * \param minitls context to initialise
 * \param prng random number generator the context will use (presumably stored in
 *        minitls->prng, so it would have to outlive the context -- confirm in the implementation)
 * \return a minitls_err_t status code
 */
minitls_err_t minitls_init(minitls_t* minitls, crypto_prng_t* prng);

/**
 * Register the pinned server certificate with the context.
 * \param minitls context to update
 * \param cert certificate descriptor (presumably referenced rather than copied, given the
 *        pointer field in minitls_t -- confirm; if so it must stay valid while the context is in use)
 * \return a minitls_err_t status code
 */
minitls_err_t minitls_certificate_add(minitls_t* minitls, const tls_x509_certificate_t* cert); //Only one supported now

#ifdef __cplusplus
}
#endif

#endif /* MINITLS_H_ */
